from the sigh dept

While it seems that too many people and organizations think that the problem with the internet is too much anonymity, there are those who see the opposite as being the case. Google, for instance, at one point instituted a "real name" policy for its platforms, arguing that areas like the comments section on YouTube, which required a real name login, would be worlds better if only everyone had to put their real names on their comments. It was a dumb idea for several reasons, including the complete unworkability of the policy and the fact that, haha, nothing can clean up YouTube's comments section, you silly fools. For these reasons, Google eventually dropped the policy and restored anonymity on its platforms, and yet somehow the world kept turning.

Facebook too has adopted a real name policy and it's been every bit as effective at tamping down unruly behavior. Which is to say that it hasn't. At all. And, in the meantime, valid reasons for wanting to be anonymous online are thrown by the wayside. As it turns out, one German privacy watchdog group considered this an important enough issue to go on the muscle and declare that Facebook must allow anonymous accounts on its platform. Per Bloomberg:

Facebook Inc. was ordered by a German privacy watchdog to allow users to have accounts under pseudonyms on the social network. Facebook may not unilaterally change such accounts to the real names of users and may not block them, Johannes Caspar, Hamburg’s data regulator, said in an e-mailed statement. The company, whose European headquarters are in Ireland, can’t argue it’s only subject to that country’s law, he said.

“Anyone who stands on our pitch also has to play our game,” said Caspar. “The arbitrary change of the user name blatantly violates” privacy rights.

Let's be clear: anonymous speech is an ideal I think everyone should embrace. That said, this move by the regulator is simply another step in an ongoing trend in which European companies appear to want to wield a heavy regulatory hammer on foreign, and especially American, companies. And that trend isn't a good one for a whole host of reasons. Nationalism when it comes to an internet that by definition ignores borders is going to create havoc in an online world that feeds off of open speech and communication. While privacy rights are a laudible goal, creating a patchwork of regulatory rules for companies whose business is the internet is certainly not. And European targeting of American companies in this respect is only going to create a regulatory proxy war that nobody will benefit from.

The most disappointing part of all of this is that this particular story never would have happened if Facebook, with its American roots, had simply stood up for basic American ideals, of which anonymous speech is counted. You simply can't even graze the history of America without encountering the immense importance of anonymous speech, from the publication of Common Sense to the Supreme Court's recognition of it being a basic American ideal. For Facebook to open the door to regulatory abuse by a foreign nation by not honoring this heritage is extremely disappointing. Facebook's reaction to this news is as maddening as it is nonsensical.

“The use of authentic names on Facebook protects people’s privacy and safety by ensuring people know who they’re sharing and connecting with,” the company said in an e-mailed statement.

Ensuring people's privacy by taking away part of that privacy is an interesting theory in that it's self-contradictory on its face. Like I said, there are no good guys in this story, mostly because Facebook has ensured it won't play that role.

from the that-seems...-unwise dept

Update: We've written a new post about this case, which notes an important error we made in the analysis below. We claimed that the annotations were relied upon by the courts, which turns out not to be true. We apologize for the error, and we should have done more research initially. It is true, however, that multiple parts of the Georgia government do point to the annotated code as "the law" of the state and reference parts of that same annotated code. In our updated post, we do a more thorough analysis of the legal arguments -- yet we still regret and apologize for the initial error in this post.

Two years ago, we wrote about the state of Georgia ridiculously threatening to sue Carl Malamud and his site Public.Resource.org for copyright infringement... for publishing an official annotated copy of the state's laws. This followed on a similar threat from the state of Oregon, which wisely backed down. Malamud has spent the last few years of his life doing wonderful and important work trying to make sure that the laws that we live by are actually available to the public. The specific issue here is that while the basic Georgia legal code is available to the public, the state charges a lot of money for the "Official Code of Georgia Annotated." The distinction here is fairly important -- but it's worth noting that the courts will regularly rely on the annotations in the official code, which more or less makes them a part of the law itself the state points directly to the annotated version as the official laws of the state. Furthermore, the annotations are very important in understanding and applying the relevant interpretations and case law (case law is a part of the law, after all). And then, the question is whether or not the law itself should be subject to copyright restrictions. Malamud has long argued no, while the state has obviously argued yes, probably blinded by the revenue from selling its official copy of the annotated code. Update: In the original post, I overstated the claim that the courts would directly rely on the annotations. While the annotations are often used to better understand the relevant case law, it does not appear that the courts directly refer to the annotations themselves.

It took two years, but the state has now done the absolutely ridiculous thing of suing Malamud. It is about as ridiculous as you would expect again focusing on the highly questionable claim that the Official Code of Georgia Annotated is covered by federal copyright law -- and that not only was Malamud (*gasp*) distributing it, but also... creating derivative works! Oh no! And, he's such an evil person that he was encouraging others to do so as well!

This action for injunctive relief arises from Defendant’s systematic,
widespread and unauthorized copying and distribution of the copyrighted annotations
in the Official Code of Georgia Annotated (“O.C.G.A.”) through the distribution of
thumb drives containing copies of the O.C.G.A. and the posting of the O.C.G.A. on
various websites. Defendant has facilitated, enabled, encouraged and induced others
to view, download, print, copy, and distribute the O.C.G.A copyrighted annotations
without limitation, authorization, or appropriate compensation. On information and
belief, Defendant has also created unauthorized derivative works containing the
O.C.G.A. annotations by re-keying the O.C.G.A. in order to make it possible for
members of the public to copy and manipulate the O.C.G.A., thereby also encouraging
the creation of further unauthorized derivative works.

Believe it or not, the State of Georgia is actually claiming that it needs the copyright protections here to incentivize it to create these annotated copies of the law. Apparently, without copyright, Georgia's law would remain sadly unannotated.

Each of these annotations is an original and creative work of
authorship that is protected by copyrights owned by the State of Georgia. Without
providing the publisher with the ability to recoup its costs for the development of
these copyrighted annotations, the State of Georgia will be required to either stop
publishing the annotations altogether or pay for development of the annotations using
state tax dollars. Unless Defendant’s infringing activities are enjoined, Plaintiff and
citizens of the State of Georgia, will face losing valuable analysis and guidance
regarding their state laws.

This is ridiculous. In what world does making the law require copyright protection?

The State is particularly upset that Malamud ran some crowdfunding and donation campaigns seeking to raise money to keep his operations running, saying that he raised this money "to assist the Defendant in infringing the State of Georgia's copyrights." The State also complains that he uploaded the code to the Internet Archive under a CC 0 public domain dedication, saying (incorrectly) that this implies that he claimed that he was the owner of the annotations. That's not true at all. He's claiming that everyone owns them, because they're the law.

Later, the lawsuit makes Malamud out to be some sort of horrible person on a "crusade" to make the laws free, and to "control the accessibility of U.S. government documents."

On information and belief, Carl Malamud has engaged in an 18 yearlong
crusade to control the accessibility of U.S. government documents by becoming
the United States’ Public Printer – an individual nominated by the U.S. President and
who is in control of the U.S. Government Printing Office. Carl Malamud has not been
so nominated.

It takes a special kind of ridiculousness to argue that someone seeking to make the laws of the land more accessible to the public is somehow looking to "control the accessibility" of those laws. But, welcome to the State of Georgia, apparently home to just that kind of special ridiculousness.

The complaint further submits as an exhibit this Columbia Journalism Review article about Malamud from 2009 in order to support Georgia's ridiculous claim that Malamud sees what he's doing as a form of "terrorism." The lawsuit says the following:

Carl Malamud, has indicated that this type of strategy has been a successful
form of “terrorism” that he has employed in the past to force government entities to
publish documents on Malamud’s terms

Of course, all that's likely to really do is further educate the court about what Malamud is really looking to do: make the laws of the land more publicly accessible.

Either way, this seems like a ridiculous move for Georgia. Going after Carl Malamud for copyright infringement for helping to make the public more aware of the law in the state of Georgia just seems ridiculous. And for all of the state's repeated claims in the lawsuit that it's doing this to protect taxpayers, one has to ask why it's spending taxpayer revenue on filing such a ridiculous lawsuit?

Back when the state of Georgia first threatened Malamud two years ago, he responded as such:

It is a long-held tenet of American law that there is no copyright in the law. This is because the law belongs to the people and in our system of democracy we have the right to read, know, and speak the laws by which we choose to govern ourselves. Requiring a license before allowing citizens to read or speak the law would be a violation of deeply-held principles in our system that the laws apply equally to all.

This principle was strongly set out by the U.S. Supreme Court under Chief Justice John Marshall when they stated “the Court is unanimously of opinion that no reporter has or can have any copyright in the written opinions delivered by this Court, and that the judges thereof cannot confer on any reporter any such right.” Wheaton v. Peters, 33 U.S. (8 Pet.) 591 (1834). The Supreme Court speciﬁcally extended that principle to state law, such as the Ofcial Code of Georgia Annotated, in Banks v. Manchester (128 U.S. 244, 1888) , where it stated that “the authentic exposition and interpretation of the law, which, binding every citizen, is free for publication to all, whether it is a declaration of unwritten law, or an interpretation of a constitution or a statute.”

This still applies, and it seems that the State of Georgia might want to re-evaluate its choice of targets here.

from the a-zero-day-may-now-last-20-years dept

When code is treated like weapons, bad things happen. Governing bodies have previously treated encryption as weaponry, ensuring that only the powerful will have access to strong encryption while the general public must make do with weaker or compromised variants.

More recently, the US government went after the creator of a 3D-printed gun, claiming the very existence of printing instructions violated international arms regulations. So, it's not just the end result that's (potentially) covered under this ban (the actual weapon) but the data and coding itself. That's currently being fought in court, carrying with it some potentially disturbing implications for several Constitutional rights.

Specifically, the BIS proposal would add to the list of controlled technology:

Systems, equipment, components and software specially designed for the generation, operation or delivery of, or communication with, intrusion software include network penetration testing products that use intrusion software to identify vulnerabilities of computers and network-capable devices.

And:

Technology for the development of intrusion software includes proprietary research on the vulnerabilities and exploitation of computers and network-capable devices.

On its face, it appears that BIS has just proposed prohibiting the sharing of vulnerability research without a license.

As if things weren't already dangerous enough for security researchers, what with companies responding with threats and lawyers -- rather than apologies and appreciation -- when informed of security holes and the US government always resting its finger on the CFAA trigger. Violating the terms of this agreement could see researchers facing fines of up to $1 million and/or 20 years in prison.

Wassenaar was originally limited to physical items used in conventional weapons, like guns, landmines and missiles. It was amended in December 2013 to include surveillance tech, mainly in response to stories leaking out about Western companies like Gamma (FinFisher) and Hacking Team selling exploits and malware to oppressive governments, which then used these tools to track down dissidents and journalists.

The push to regulate the distribution of these tools had its heart in the right place, but the unintended consequences will keep good people from doing good things, while doing very little to prevent bad people from acquiring and deploying weaponized software.

The Wassenaar Arrangement's attempt to wrestle a mostly ethereal problem into regulatable problem was, for the most part, handled well. It defined the software it intended to control very narrowly and provided some essential exceptions:

Notably, the controls are not intended apply to software or technology that is generally available to the public, in the public domain, or part of basic scientific research.

But, even so, it still contained the potential to do more harm than good.

We have significant problems with even the narrow Wassenaar language; the definition risks sweeping up many of the common and perfectly legitimate tools used in security research.

Either interpretation (Wassenaar, BIS) is a problem. The BIS version is much worse, but both will result in a less-secure computing world, despite being implemented with an eye on doing the opposite, as Robert Graham at Errata Security points out.

[G]ood and evil products are often indistinguishable from each other. The best way to secure your stuff is for you to attack yourself.

That means things like bug bounties that encourage people to find 0-days in your software, so that you can fix them before hackers (or the NSA) exploit them. That means scanning tools that hunt for any exploitable conditions in your computers, to find those bugs before hackers do. Likewise, companies use surveillance tools on their own networks (like intrusion prevention systems) to monitor activity and find hackers.

Thus, while Wassenaar targets evil products, they inadvertently catch the bulk of defensive products in their rules as well.

And the results will disproportionately negatively affect those who need these protections the most. This is the end result of controls written with physical items (which originates from physical manufacturing plants and travel on physical means of conveyance) in mind but copied-pasted to handle "items" that can traverse the internet with no known originating point.

That's not to say export controls would have no leverage. For example, these products usually require an abnormally high degree of training and technical support that can be tracked. However, the little good export controls provide is probably outweighed by the harm -- such as preventing dissidents in the affected countries from being able to defend themselves. We know they do little good know because we watch Bashar Al Assad brandish the latest iPhone that his wife picked up in Paris. Such restrictions may stop the little people in his country getting things -- but they won't stop him.

The "open-source" exception in Wassenaar can be useful, up to a point. Researchers could post their findings to Github, as Graham points out, to ensure they're still protected. This, of course, means the Arrangement is still mostly useless, as the moment it's put into the public domain, any entity cut out of the distribution loop by this agreement can immediately make use of posted vulnerabilities and exploits. It also makes research destined to be open-sourced forbidden weaponry until the point it's actually made public. So, a laptop full of research is a prohibited weapon, while a Github post containing the same is not.

When security researchers discover 0-day, they typically write a proof-of-concept exploit, then present their findings at the next conference. That means they have unpublished code on their laptop, code that they may make public later, but which is not yet technically open-source. If they travel outside the country, they have technically violated both the letter and the spirit of the export restrictions, and can go to jail for 20 years and be forced to pay a $1 million fine.

Pro tip:

Thus, make sure you always commit your latest changes to GitHub before getting on a plane.

Statements made by the BIS aren't exactly comforting. The BIS's implementation doesn't include an open-source exception, but supposedly, this will still be taken into consideration when the US government starts throwing around fines and prison sentences. Randy Wheeler of the BIS:

"We generally agree that vulnerability research is not controlled, nor is the technology related to choosing a target or finding a target, controlled." However, she undermined her message by stating that any software that is used to help develop 0-day exploits for sale would be covered by the proposal.

Again, bad for researchers. This gives the government leeway to imply intent when prosecuting, because the allowed and the forbidden look very similar while still in their formative stages.

[T]he only difference between an academic proof of concept and a 0-day for sale is the existence of a price tag.

Even if the exploit is not on the market at the point the government steps in, it would take very little to insinuate that it would have been headed to market, if not for the speedy intervention of regulators.

There is some good news, however. The BIS is accepting comments on its proposed adoption (and partial rewrite) of the amendments to the Wassenaar Arrangement. The comment period ends on July 20, 2015, so sooner rather than later would be good if you're interested in steering the government away from doing further damage to the livelihoods of security researchers.

from the not-so-cool dept

Recently, we looked at how corporate sovereignty provisions undermine democracy by irrevocably binding future governments. The analysis was framed in terms of the UK's situation, but applied more generally to any country that signs up to investor-state dispute (ISDS) mechanisms in trade agreements. In particular, it applies to the US. And yet in President Obama's (in)famous TPP speech at Nike a few weeks ago -- the one where he claimed some of his "dearest friends" were wrong -- he said the following:

[TPP] critics warn that parts of this deal would undermine American regulation -- food safety, worker safety, even financial regulations. They're making this stuff up. (Applause.) This is just not true. No trade agreement is going to force us to change our laws.

The House Agriculture Committee voted 38-6 to repeal in its entirety country-of-origin-labeling (COOL) for beef, pork and poultry. The House vote came in response to a May 18 ruling by the World Trade Organization (WTO) that the U.S. had violated global trade rules by requiring supermarket labels on beef and pork to indicate where livestock was born, raised and slaughtered.

…

Congress has not repealed it because of overwhelming public support for COOL -- 90% of Americans support such a measure, according to Consumer Reports. Needless to say, civil society including farm, ranch, consumer, labor and other groups, won't sit quietly. But the fact is that the U.S. has to change COOL or face trade sanctions (though how significant is unclear). The USTR has already indicated it will encourage Congress to revise COOL.

As that makes clear, alongside the fact that it is quite possible that the US will indeed modify its laws here because of a trade agreement, this would be happening even though the laws in question enjoy huge support among the US public. Which shows that trade agreements can not only force laws to be changed, but can do so with absolutely no regard to what the people in whose name they are supposedly negotiated, actually want.

from the corruption-index dept

Last year, we wrote about two key "corruption indicators" in city and state governments: they ban direct sales models to block Tesla from competing with traditional car companies and they ban Uber/Lyft style car hailing services to protect local taxi incumbents.

It appears that Texas is really trying to wave its anti-innovation flag as strongly as possible as the legislature down there failed to move forward on two key bills that would have made it possible for Tesla to do direct sales in Texas... and to stop local cities from blocking Uber & Lyft to favor taxi incumbents.

A Texas House deadline has come and gone, killing many top-priority bills for both parties — among them one that would allow Tesla-backed direct car sales and another to regulate ride-hailing companies. Midnight Thursday was the last chance for House bills to win initial, full-chamber approval. Since any proposal can be tacked onto other bills as amendments, no measure is completely dead until the legislative session ends June 1. But even with such resurrections, actually becoming state law now gets far tougher.

And, of course, this comes just after the FTC warned Michigan for its blocking of direct sales of cars like Tesla.

The failure to allow direct sales is a much bigger deal than the car hailing stuff, but both are bad. And the response from Texas politicians is really quite disgusting:

Rep. Senfronia Thompson — one of the House's most senior members currently serving her 20th term — said it was the company's own fault that the bill didn't pass.

"I can appreciate Tesla wanting to sell cars, but I think it would have been wiser if Mr. Tesla had sat down with the car dealers first," she said.

Really? In what world is it considered appropriate to force an innovative company that wants to go direct to consumers to first "sit down" with the gatekeepers that are trying to block them? "I can appreciate Amazon wanting to sell books to people, but I think it would have been wiser if Mr. Amazon had sat down with retail store builders first." "I can appreciate YouTube wanting to let anyone upload videos, but I think it would have been wiser if Mr. YouTube had sat down with TV producers first."

That's not how innovation works. At all. And thus, we can cross Texas off the list of innovative states.

The law around car hailing is not quite as big of a deal, but without the new Texas law, various cities within Texas can still create their own rules that would effectively make it impossible for such services to operate there. There are states that create spaces for innovation -- and then there are those that protect incumbents. Texas appears to be making it clear that it's the latter. If I were a startup in Austin, I might consider finding somewhere else to operate.

from the enough-is-never-enough dept

The battle raging over the fast track bill is essentially one about control: who gets the final say over so-called trade agreements like TPP and TAFTA/TTIP. If the US President is not given trade promotion authority, it is possible that Congress will demand changes to the negotiated text; with fast track, it will be a simple up or down vote. That's also the situation in other countries participating in the negotiations: once the text is agreed upon, they can essentially accept it or reject it. However, a group of senior politicians in five of the TPP nations point out that after those votes, the US can still demand further concessions from its partners thanks to a process known as certification:

Senior parliamentarians from five countries negotiating the Trans-Pacific Partnership (TPP) agreement have signed an open letter urging their political leaders to protect their nations’ sovereignty from the United States' process of certification.

The US withholds the final steps that are necessary to bring a trade and investment treaty into force until the other party has changed its relevant domestic laws and regulations to meet US expectations of its obligations under the agreement. In the past, US 'expectations' have gone beyond what is in the actual text, and even included matters that were rejected in negotiations.

US officials can define another country's obligations; become directly involved in drafting that country's relevant law and regulations; demand to review and approve proposed laws before they are presented to the other country's legislature; and delay certification until the US is satisfied the new laws meet its requirements.

In other words, even though other nations might think that after their agreement and ratification of the text, everything is fixed, the US reserves the right to come back and demand changes to domestic laws and regulations so as to ensure that the implementation is as it wishes. That's no mere theoretical option: it has been used against both Peru and Australia recently. In the latter case, the US was unhappy with the legislation enacting the Australia-US free trade agreement (AUSFTA), and demanded that Australia bring in a supplementary law that actually went beyond the terms of AUSFTA. Even then, the US reserved its right to take legal action if it felt that Australia had still not gone far enough.

The publication of the open letter (pdf) to the political leaders of the TPP nations is a timely reminder that however much sovereignty they might be willing to give up during the negotiations for the sake of supposed gains, the US may want even more concessions -- without, of course, granting other countries the same prerogative.

from the because-that's-how-innovation-works dept

Whatever you might think of Uber in terms of its attitude and practices (and, really, people feel this weird need to rant on about such feelings, but that's unrelated to the point of this post -- so no need to tell everyone), you can't really deny that it has truly revolutionized the way that many people are able to get around in a variety of metropolitan areas. And Uber and its various competitors have done this by building a better system that is much more convenient and easy to use, and actually using much more realistic market forces, rather than doing silly things like artificially limiting the number of taxi medallions to keep taxi services scarce and expensive.

Of course, the old beneficiaries of the system, have hit back any way they can. As we've written repeatedly, various cab companies and bureaucrats seem to go out of their way to attack such ride sharing services. The typical go-to claim from those hating on ride hailing services is that because they're less regulated, they're more subject to fraud and abuse or unsafe driving conditions. There is, however, little evidence to back that up. While there are some anecdotal stories of bad ride hailing drivers, we're already seeing innovative ways to deal with that. For example, in India, Uber recently added an emergency button to its app, which would directly alert police if a rider was in trouble.

In short, what we've seen is that, through innovation, competition and (most importantly) an abundance of information, a better overall result can occur. The reasons for many taxi regulations in the past was because of clear information asymmetry: taxi drivers could (and frequently did) screw over passengers, because there was basically no recourse. There was no way for a rider to know if the driver was safe or not, and (more importantly) no real way for that rider to then warn future passengers. But ride hailing services changed that in a big way by flipping the equation, and allowing a good way to rate drivers and to create incentives for those drivers to do a good job. It's not perfect, but, frankly, my own experience in using Uber and Lyft has been that the overall experience has been much, much better than using a traditional cab.

In New York City -- a place where cabs have long been limited by its famous medallion system -- there's been a struggle to deal with this innovative change. Just last year, we wrote about the Taxi and Limousine Commission declaring Lyft to be illegal. And, a few months ago, a NYC politician proposed a bill that would require the TLC to create its own Uber-like app. Because, apparently, innovation works by having the government mandate another part of the government copy an innovative company?

Either way, the TLC is now looking to go even further, in proposing new rules that say that basically any ride hailing app should be fully regulated by the NYC TLC and including a bunch of conditions that really don't seem necessary. Some of them just seem like relics from a previous era that are there because they were there in the past. It's difficult to see why that makes any sense. And then there are new requirements that also seem bizarre. Like this:

The website and/or smartphone application must provide Passengers, upon request, with an estimate of the total fare, inclusive of all fees and any price multiplier or variable pricing policy in effect, for the ride.

I can see how that would be a nice feature to have, but should it be required by the government? If Uber doesn't provide that and Lyft does, then isn't that just a competitive advantage for Lyft? And, really, do existing taxi systems already do that beyond a driver tossing out a random estimate off the top of his head on how much it will cost to go somewhere?

Then there's something really concerning: buried in the rules is the idea that drivers can only work for one provider at a time. I've seen many drivers that work for both Lyft and Uber (and sometimes others as well). Specifically, the rules have a "one device" rule -- saying drivers can only use a single device at a time, but many drivers that I've seen who work for multiple services have separate devices (and some, like Uber, will offer to rent you a special phone just for being an Uber driver, if you don't want to/can't use your own phone).

A Base Owner must not dispatch a For-Hire Vehicle that is equipped with more than one electronic device in addition to the dispatch equipment required by the Vehicle’s affiliated Base...

Again, I'm sure the TLC would argue that this is for safety reasons. Elsewhere in the document it suggests that by arguing that this single device cannot be handheld:

a For-Hire Vehicle may be equipped with one electronic device that is used to accept dispatches from a Base or FHV Dispatch Application, provided that that the device is mounted in a fixed position and not hand-held and use of the electronic device is limited to either voice or one-touch preprogrammed buttons or keys while the Vehicle is in motion.

And, sure, you can reasonably worry about the driving safety of someone who has multiple such devices, though I've seen plenty of drivers with two or three phones lined up in a way that seems perfectly reasonable.

The more glaring concern here, though, is that such a rule basically locks in the incumbents and harms the upstarts. If a driver can't drive for Uber and a new ride hailing startup, they're likely to just stick with Uber, and the upstarts get cut out. That's a problem. Even if that's not the intention, it's these kinds of regulations that all too often lock things in so that incumbents stay in power, while startups are blocked.

Furthermore, just the idea that any new service in this space has to now go and plead with the TLC to get "licensed" is going to slow and limit the opportunities for new and innovative players in this space. Uber got to where it was by building a useful service, not having to ask local bureaucrats for permission every time. The next generation of companies looking to reinvent the space won't be so lucky -- and that may mean we all suffer.

from the this-won't-end-well dept

Back in March, we wrote about a really bad bill that had been proposed in California by Assemblymember Matt Dababneh, called AB 1326. As we noted, it would basically destroy the ability of new startups in the Bitcoin space to build their businesses in California. Specifically, it would require any startup in the broadly defined "business of virtual currency" to first need to get licensed by "the Commissioner of Business Oversight" and then comply with a long list of other regulations -- including regular audits by the Department of Business Oversight. Well, unless you're a big bank or financial institution. Then you can carry on and experiment with Bitcoin all you want.

In short, the bill would reverse decades of how Silicon Valley has lead the world in innovation -- by switching from a world of rapid innovation and permissionless innovation, to one in which any startup even contemplating doing anything with Bitcoin would have to go plead their case to clueless regulators in Sacramento. It's hard to see how anyone could possibly think this is a good idea for innovation or the California economy. And yet... the assembly's committee on banking and finance has now voted the bill out of committee, sending it on to the appropriations committee and then on to the floor of the legislature.

Of course, perhaps it's not so surprising that the committee on "banking and finance" would approve this bill -- considering it gives a free pass to big banks and financial services companies while hindering startups, entrepreneurs and innovators. However, any of the many startups in California that are doing some amazing and interesting things with Bitcoin should speak up now, because California is about to tell them to move out of the state entirely.

from the don't-fall-for-the-marketing. dept

George Mason University professor Bill Schneider recently had an interesting blog post over at Reuters in which he discusses how Hillary Clinton is in a tough spot concerning the TPP and TTIP agreements, in that much of the Democratic party is now vehemently against these "trade" deals, while historically, the Clintons have been for them. The piece argues that whichever side Hillary takes will create a problem for her presidential campaign. The politics in the piece may be right, but almost the entire thing is built on the assumption that the TPP agreement really is about "trade" and that such an agreement will lead to cheaper goods and such. Take this passage for example:

Trade is not an ideological issue. It’s a populist issue — the people versus the establishment. Ordinary Americans are suspicious of trade deals. Economists have a hard time understanding this, but most people see trade not as an economic issue but as a moral issue.

People think it’s wrong for them to benefit as consumers from lower prices for foreign-made goods if it throws Americans out of work. Will they purchase the foreign-made goods? Of course they will — as long as they’re cheaper. That’s rational economic behavior. They just don’t think they should be allowed to.

I don't think that's actually what people are thinking at all, but even if we run with it, it's based on the very faulty premise that these agreements have anything to do with free trade at all. As we've discussed in the past, they do not. They are quite clearly often about the opposite of free trade. In the past, we've strongly recommended Michael Goodwin's epic comic about TPP where he shows how it's really got little to do with free trade, and everything to do with the ability to move investment capital around:

Perhaps an even better explanation comes from Tim Lee over at Vox, who goes into the history of these agreements, noting that the "free trade" stuff has mostly already been taken care of, as there aren't that many meaningful tariffs/trade barriers left. Instead, trade agreements have become a sort of secret playground for big corporations to abuse the process and force favorable regulations to be put in place around the globe. He discusses the history and how organized labor, the copyright industries, the pharmaceutical industries and more now basically use trade agreements as a secretive, anti-democratic process to force through regulations they want.

As the opportunities for trade liberalization have dwindled, the nature of trade agreements has shifted. They're no longer just about removing barriers to trade. They've become a mechanism for setting global economic rules more generally.

This trend is alarming to Simon Lester, a free trader at the Cato Institute. "We've added in these new issues that I'm skeptical of," he says. "It's not clear what the benefits are, and they cause a lot of controversy."

And this system for setting global rules has some serious defects. We expect the laws that govern our economic lives will be made in a transparent, representative, and accountable fashion. The TPP negotiation process is none of these — it's secretive, it's dominated by powerful insiders, and it provides little opportunity for public input.

If you make the facile assumption that the TPP is actually about free trade, then you might be confused about all the hubbub about it. If you actually take the time to understand that much of what's in there has nothing to do with free trade and, in fact, may be the opposite of free trade, you realize why there's so much concern.

from the while-the-us-goes-the-other-way dept

Imagine if a government put out a series of questions that the public could respond to, garnered responses from across a community, listened to them, and then actually enacted sensible tech policy. Sounds like a dream, right? Well that's exactly what the UK just did.

One major conclusion is that the UK will apply AML (anti money-laundering) regulation to digital currency exchanges, with the details to be determined by the Parliament in the forthcoming session. The US, by contrast, already imposes such requirements on exchanges plus other digital currency companies via FinCEN and the Bank Secrecy Act. The UK government will also work to ensure that law enforcement has the tools it needs to stamp out criminal uses of digital currencies.

But the even bigger part is what's missing: no licensing regime for digital currencies.[1] No arduous process for startups and small businesses. No policies that give an advantage to big institutions over up-and-coming innovators.

In fact, the British government decided that what is most appropriate is to work with the digital currency community to develop a set of best practices for consumer protection and create a voluntary, opt-in regime. This approach was chosen "in order to address the risks identified but without imposing a disproportionate regulatory burden on the industry." And because it recognizes the substantial promise that digital currency technology has to offer, the government will devote GBP 10 million (approximately US$15M) in an annual budget for research in the space, including the newly-formed Alan Turing Institute.

The report reads like a breath of fresh air, with an honest assessment of the current low likelihood of use by major criminal enterprise, and acknowledgements of the risk of regulating too much, too soon. It even summarizes the belief that New York's proposed BitLicense is an overly restrictive approach that could damage the industry.

The UK's approach differs from that of New York in several ways, including that the UK chose to analyze first and propose later. While NY did hold hearings in advance of releasing its regulations, it still to this date has failed to release a summary of its research and rationale for requiring strong digital currency regulation, despite its legal requirement to do so. And New York's regulations require permission to innovate via licensing, whereas the UK's proposal takes a different and far more innovation-friendly tack.

The UK digital currencies report acknowledged that market participants are addressing some of the risks in the space, and singled out exchanges as a special category, instead of New York's overly broad "virtual currency business activity" that encompasses everything from microtipping services to launching a protocol for a new currency. (As an aside, New York has claimed it won't regulate "software developers," but what it actually means is it won't regulate software developers as long as they aren't developing the software covered by its proposed law.)

Some London-based entrepreneurs I spoke to reacted with uncertainty about the effect that overly burdensome anti money-laundering regulations could have, and this is yet to be determined. But in the end, a regime in which one does not need permission to innovate, but instead has a reasonable set of rules to abide by, bodes far better for building the future of technology.

Basically, the UK just became the anti-NY. And the innovation will flock to the places with smart, sensible policies that allow for permissionless innovation.